Security & Risk Mitigation for your Enterprise

Security is a top priority for our team. Our planning, development and deployment processes are based on years of best-practices.

TALK TO AN EXPERT
Assembla version control technology

Secure Version Control — in the cloud

Assembla Enterprise Cloud Version Control is the most secure version control platform in the world. We help companies embrace agile, meet compliance, and stay innovative while keeping source code safe.

Download our whitepaper

Risk Management Planning & Process

Our operational playbook includes a bottom-up evaluation of the risks to security, risk mitigation techniques, and ongoing areas of investment to further reduce risks.

A 24/7/365 DevOps team continuously monitors network access and traffic using real-time intrusion monitors. Data Centers and production access is restricted to admins with individual user credentials. Passwords are never stored directly in the database, and all API and API communication between you and Assembla is conducted using the strongest encryption standards.

Risk
Security

Data Security

Assembla replicates data and repositories in real-time across multiple geographically diverse locations and offers multiple additional disaster recovery options including redundant backups in AWS and Azure. Encrypted, monitored, backed up, secure.

Secure Software Development Lifecycle (SDLC)

We are passionate about agile software development, continuous integration and delivery. Assembla uses HackerOne, a leading premier vulnerability coordination platform to provide proactive vulnerability dectection. Our team manages inbound reports from the HackerOne community and quickly remediates issue to ensure the safety and security of your repositories.

Join our private bug program

Hackerone
Cloudflare

DevSecOps

Over a hundred years of combined Security experience running mission critical workloads in the cloud make up the fabric of our Security teams. We use behavioral analysis, static rules, and custom filters looking for zero-day exploits.

We use Static Rules (User definitions such as IP address, HTTP header content, country, and session ID) and Dynamic Filtering (Behavioral and reputational filtering of threat data automatically and in real-time) in our security stack.

We also believe in strong Layer 7 Protection (Top layer firewall for threat detection, mitigation and syndication) with our partners Cloudflare.

TALK TO AN EXPERT

Assembla lets you move development to the cloud while maintaining your regulatory and security requirements.

Privacy shield

Assembla is also fully certified on PrivacyShield. The full report is available on request.

PCI DSS logo

We are Level 3 PCI certified and partner with Level 1 provider Chargify to process transactions. Download our PCI DSS certificate here.

Aicpa logo

Our security controls are audited each year, following the AICPA SSAE-16 SOC 2 guidelines for the Security and Availability principles. The full report is available on request.

All Assembla Cloud Services follow DevOps principles and are using automated, continuous deployment for all application code.

Download the Free Whitepaper

How Assembla Approaches Security

Managed Private Cloud

Assembla offers multiple infrastructure design options including managed private cloud. Global deployment options with multi-node infrastructure in North America, EMEA and APAC. Can be customized to meet unique compliance security and SLA requirements up to 99.99%.

Managed private cloud

Our Security Roadmap

Assembla is fully committed to GPDR and HIPAA compliance in 2018.

hipaa gdpr

Ready to get started with Enterprise Cloud Version Control?